In this section, you can find more information about Kiuwan IDE Plug-In and the technologies involved:
- Kiuwan for Developers for Eclipse-based IDEs
- Kiuwan for Developers for Microsoft Visual Studio
- Kiuwan for Developers for JetBrains
-
Kiuwan for Developers for Microsoft Visual Studio Code
Kiuwan IDE Plug-In
Kiuwan allows for a true shift-left approach by integrating with all the main IDEs.
Kiuwan for Developers is a plug-in for development IDEs that facilitates and automates compliance with security normative, quality standards, and best practices for several languages.
It provides the following benefits:
- Security Vulnerabilities Detection - The plug-in allows developers to detect and fix security vulnerabilities, such as Injection (SQL, XML, OS, etc), XSS, CSRF, etc., directly within their development IDEs.
- Adoption of Security and Coding Standards - The plug-in helps to ensure compliance with standards (CWE, OWASP, CERT-Java/C/C++, SANS-Top25, WASC, PCI-DSS, NIST, MISRA, BIZEC, ISO/IEC 25000 and ISO/IEC 9126) by automating the work. This plug-in connects with Kiuwan and harnesses the power of its quality models to prevent errors and automatically standardize the code.
- Automatic Error Prevention - The plug-in implements and monitors compliance with coding standards at the time the code is entered. Thus, you can avoid errors and reduce the time and cost of debugging and testing activities.
The Kiuwan IDE Plug-in monitors and reports on the security, quality, and efficiency of your code at the point where it is written. This immediate feedback provides you with the opportunity to improve your code before it is delivered.
Working modes
The Kiuwan IDE Plug-In can work in two different modes:
- Analyzer mode
It allows you to analyze your application source code directly within (and fully integrated into) your IDE. You can analyze the whole project (or just some specific files), then review the detected vulnerabilities and defects, fix them, and re-analyze, without exiting your IDE.
- Remote Viewer mode
The plug-in also lets you "download" the vulnerabilities and defects stored in Kiuwan (in the last Baseline, in a specific Delivery, or even the issues to be fixed according to a defined Action Plan). This way, you can go directly to the issues you must fix, just double-click on the defects and go directly to the offending line of code.
By using both modes, you can get a comprehensive understanding of:
- the server view of the application, and
- your local view of the defects according to the changes you are making to the source code
Analyzer and Remote Viewer modes are separately licensed.
Please check your Kiuwan License to see available modes.
Supported IDEs
The Kiuwan IDE Plug-In is available for the following IDEs:
-
Eclipse-based (Analyzer and Viewer)
- Eclipse
- RAD (Rational Application Developer for WebSphere)
- IBM Rational Developer for i Systems
- IBM Rational Developer for z Systems
- Microsoft Visual Studio (Viewer)
-
JetBrains (Viewer)
- IntelliJ IDEA,
- PhpStorm,
- PyCharm
- WebStorm
- Android Studio
- CLion
- Microsoft VS Code (Viewer)
For other IDEs and versions, please contact Kiuwan Technical Support